REMARKS 



Claims 1-20 are currently active. 

Antecedent support for the amendments to the claims is found on page 10, lines
10-14.

The Examiner has rejected Claims 1, 2, 13 and 14 as being anticipated by
Segal. Applicant respectfully traverses this rejection. 

Segal specifically teaches a set of firewall-type commands that include lists of 
which nodes, sources, networks to use with certain destinations. These commands can be 
utilized by filtering devices and/or security devices such as firewalls, ingress nodes, switches 
which would be informed which destination nodes, addresses, ports are permitted to which 
source nodes in networks. See column 3, lines 35-45. It is clear from these teachings that 
these devices have the list themselves and do not have the functionality regarding the list 
located in a separate location. The Examiner is interpreting the language of Segal in such a 
way that he finds applicant's claimed invention. However, it is submitted the Examiner is 
reading teachings into Segal which are not there. To clarify this distinction between the 
claimed invention and Segal in view of the Examiner's last Office Action, the claimed
invention has been amended to include the limitation that the first inspection engine and the
second inspection engine which are connected to the switch are not in line with the internal
network and the external network. In contrast, Segal teaches the common prior art structure 
of inspection engines that are in line. It must be stressed that the applicant's claims are further 
limited by the fact that each inspection engine receives traffic from the switch, processes the 
traffic to determine whether it is desired traffic or undesired traffic, prevents undesired traffic 
from passing through the inspection engine and sends the desired traffic back to the switch. 
This further emphasizes the not in line architecture of applicant's claimed invention. There is 
no teaching or suggestion of this limitation in Segal.

Segal does not teach a first inspection engine or a second inspection engine that 
are not in line with an internal network and an external network which receive traffic from the 
switch and which send desired traffic back to the switch. 

Segal teaches a network 40 that comprises various subnetworks 42, 44, 48, 52 
and 53 and firewall units 43, 45, 46, 47, 49 and 50. The firewall units comprise a shared list 
setting forth a plurality of lists of nodes and a set of access privileges for each listed node. 
See column 2, lines 50-65. Segal teaches that a protocol for the network 40 would provide for
lists sent by each node indicating which other nodes are permitted to receive from, and
transmit to it, and what type of access they are allowed. This information is detected by each
firewall unit which limits transmissions to the route only to their intended destinations. The
firewall units have the capability to accept signals from the network for only certain defined 
purposes. The list of intended recipients can have any desired granularity. The situation can 
be improved upon by providing a set of firewall-type commands that include lists of which 
nodes, sources, networks are allowed to use certain destinations. These commands can be 
utilized by filtering devices and/or security devices such as firewalls, and ingress nodes, 
switches, which would be informed which destination nodes, addresses, ports are permitted to 
which source nodes or networks. These filters and devices and/or security devices may be 
separate standalone components or the capability may be integrated into other possibly already 
existing devices. See column 3, lines 20-45. 

Segal teaches that a network node has a memory 104 which includes software 
such as network protocol programs 106, and an allowable sender and recipient list 108 for 
transmissions. See column 3, lines 45-56. 

Segal teaches that a node originates a new list with access protection and 
updates the local list already with the node. The list is then encrypted and then transmitted to 
the security devices on the network. A node comprising a security device receives the 
encrypted list and then decrypts the received list. A decision is then made to determine
whether the received list is newer than the local list. If it is, it is saved, and if it is not, it is
discarded. See column 4, lines 1-20. 

There are several critical distinctions between applicant's claimed invention and 
Segal. There is the distinction that applicant's claimed invention requires a switch and at least 
two separate inspection engines, the first inspection engine and the second inspection engine. 
Both the first inspection engine and the second inspection engine receive traffic from the 
switch. Each inspection engine processes the traffic that it has received and determines 
whether it is desired traffic or undesired traffic. Each inspection engine prevents undesired
traffic from passing through it and sends the desired traffic back to the switch. Once the 
switch receives the desired traffic, it then sends it to their respective destination that 
corresponds to the inspection engine that processed the data. 

There is no teaching or suggestion whatsoever for such a specific architecture in 
Segal. What is critical to Segal is a list that tells each firewall which destination it can 
communicate with. For this reason alone, that there is no distributed processing of the traffic 
apart from the switch at an inspection engine that receives the traffic, and then returns only a 
desired portion of the traffic to the switch, Claims 1 and 13 are not anticipated by Segal.

As is stated in the background of the above-identified patent application,
hardware-based systems tend to be very fast, but don't deal well with very complex 
operations. Hence, software-based systems are still the norm, even with all their problems. 
In a system where a single processor is fast enough, there's still the problem that if the
processor dies, then the whole system grinds to a standstill. It is highly undesirable. One of 
the advantages of applicant's claimed invention is that the determination of whether the traffic 
is desirable or undesirable is determined at a separate inspection engine apart from the switch, 
where there are at least two inspection engines, so that if one inspection engine fails, the 
operation of the switch can still proceed, and even if necessary, use the second inspection 
engine. Segal does not recognize this whatsoever. 

Yet another critical distinction is that Segal teaches a list is created and 
circulated amongst the nodes which identifies to each of the nodes which destinations can or 
cannot receive traffic from a given node. This list does not distinguish between desired and 
undesired traffic, but simply prevents all traffic from reaching a certain destination if that 
destination is on a list with respect to a given node. Thus, there is no teaching or suggestion 
of any type of inspection engine, let alone a first inspection engine and a second inspection 
engine, which are both connected to the switch which receive traffic from the switch, process 
the traffic to determine whether it is desired traffic or undesired traffic, which prevents 
undesired traffic from passing through the respective engine and which send desired traffic
back to the switch. The switch then in turn, sends the desired traffic to the respective
destination that has been processed by the respective engine. In fact, Segal is silent about 
whether traffic is desired or undesired and is completely unconcerned with separating the 
undesired traffic from the desired traffic that is to reach a given destination. For this reason
also, Claims 1 and 13 are not anticipated by Segal.

Accordingly, Claims 1, 2, 13 and 14 are patentable over Segal.

The Examiner has rejected Claims 3-12 and 15-20 as being unpatentable over 
Segal in view of Huang. Applicant respectfully traverses this rejection. 

Referring to Huang, there is disclosed a scalable switching network. There is 
no teaching or suggestion anywhere in regard to an inspection engine, let alone an inspection 
engine which processes the traffic to determine whether it is desired traffic or undesired 
traffic, and which prevents undesired traffic from passing through it and then sends the desired 
traffic back to the switch, as found in applicant's claimed invention. Huang has nothing to do 
with the teachings of Segal in regard to the claimed invention. The Examiner is citing Huang 
for the teachings of port and connections to various nodes.

Huang teaches various architectures that are based on a switching fabric of
routers to implement a scalable switching network. The switching fabric supplies the 
connectivity. The routers supply the routing, maintenance, and administrative functions. 
Huang teaches various architectures such as the switching network 80 shown in figure 1. The
other figures taught by Huang show different architectural configurations of a switching fabric. 
What is key though in regard to the teachings of Huang, is that they are all basically switches. 
However, applicant freely admits that he did not discover or invent the switch, or the various 
connectivities in a switching network. However, applicant's claimed invention depicts that 
applicant has separated the inspection engine from the switch and uses the switch to divert the 
traffic to the first inspection engine or the second inspection engine for processing; and then
receives back from the first inspection engine or the second inspection engine the desired 
traffic so the switch can send the desired traffic onto the first destination or the second 
destination depending on from which inspection engine the desired traffic came from. Thus, 
not only does Huang fail to even teach the first inspection engine but also fails to teach a 
second inspection engine as found in applicant's claimed invention.

Accordingly, Claims 1 and 13 are patentable over the applied art of record.
Claims 3-12 are dependent to parent Claim 1 and are patentable for the reasons Claim 1 is 
patentable.

It must be stressed that there is no teaching or suggestion in Segal of the
limitation that the switch has a first port and a second port connected to an external network 
receives traffic from the external network, said switch directing traffic received at the first port 
to the first firewall processing engine and directing traffic received at the second port to the 
second firewall processing engine. There is no need or even hint of this limitation in regard to 
Segal. The only reason to take such a teaching out of Huang and introduce it into Segal is 
from hindsight from applicant's claims; this is not patent law. Accordingly, Claim 3 is
patentable over Segal in view of Huang. 

In regard to Claim 8, Segal does not teach or suggest or even recognize the 
need for the switch to rebalance traffic for a security group when one of the firewall 
processing engines serving a security group fails across the other firewall processing engines 
serving the security group. Huang does not recognize to rebalance traffic where the firewall 
protection with the inspection engine is separate and apart from the switch, and there are a 
plurality of inspection engines across which the rebalancing occurs. Again, the Examiner is 
picking and choosing the claimed elements from the applied art of record, and having found 
them in different references, is simply concluding that applicant's claimed invention must be 
obvious. Besides the fact that this is using hindsight, this is also contrary to patent law.

Claims 14-20 are dependent to parent Claim 13 and are patentable for the
reasons Claim 13 is patentable. 

In view of the foregoing amendments and remarks, it is respectfully requested 
that the outstanding rejections and objections to this application be reconsidered and 
withdrawn, and Claims 1-20, now in this application, be allowed.



Respectfully submitted, 



CERTIFICATE OF MAILING




Attorney for Applicant